Users and Roles
Note: SaaS customers can create and configure Users and Roles in Redwood Cloud Portal. For more information, see Managing Users and Roles.
Within RunMyJobs, there are specific actions you can take for Users and Roles.
Users
To work with Users in RunMyJobs, navigate to Security > Users.
You can disable and enable login for Users in RunMyJobs. Note that this only affects Redwood Server, and has no effect on external authentication or authorization systems.
If you permanently disable a User, be sure to duplicate and delete any objects owned by that User. Special care needs to be taken when you disable Users that own processes and/or Process Definitions and/or Chain Definitions.
Tip: You can use the System_ChangeOwner Process Definition to change owners of processes and Process Definition or Chain Definitions.
Users support the following context menu options.
| Action | Description |
|---|---|
| Activate login for user | Enable login for a disabled User. |
| Deactivate login for user | Disable login for an enabled User. |
| Disable the user permanently | Prevent a User from logging in again. |
| Edit | Edit a User's privileges |
| Show permalinks | Show PermaLinks that can be used from third party applications to link to the User. |
| Expand All | Expand all Users in the current list. |
Roles
To work with Roles in RunMyJobs, navigate to Security > Roles.
Only custom Roles, or Roles that were not built-in, can be edited. You can create Roles, but make sure the Role names do not match role names in the external authentication system. If you create a Role in Redwood Server with a name that matches a role in your external authentication system, the Role will not be imported from the external authentication system. However, grants will be done. This allows you to grant permissions to Roles that have not yet been imported, so you do not need to log in with Users having these Roles.
Note: Role privileges are additive. For example, assume that Role A has one set of privileges, and Role B has a different set of privileges. If a User is assigned both Roles, that User will have all of the privileges granted to Role A, plus all the privileges granted to Role B. This is true even if, for example, Role A can only view a given Queue, while Role B has rank submitOnto for the same Queue. If a User is granted both of these Roles, that User will have all of the privileges granted to Role B (including submitOnto), even though Role A is more limited.
Roles support the following context menu options.
Note: For generally applicable object context menu options, see Object Context Menu.
| Action | Description |
|---|---|
| Duplicate | Duplicate a Role. |
| Edit | Edit a Role's description and its privilege grants. |
| Export with Privileges | Export a Role with all its privileges. |
| Delete | Delete a Role. |
| New Role | Create a new Role. |